Efficient updates of biometric data for remotely connected devices

ABSTRACT

A system for providing biometric data to a user device. The system includes an electronic processor, the electronic processor configured to receive, from a remote device, biometric data for a user and create a biometric token for the user based on the biometric data. The electronic processor is also configured to transmit the biometric token to a global token repository, periodically create, for a user device, an update package including a subset of updated biometric tokens from the global token repository that are associated with one or more programs associated with the user device, by identifying one or more updated biometric tokens in the global token repository associated with a program GUID of a program of the one or more programs, and transmit the update package to the user device when the user device is next in communicative contact with the electronic computing device.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims priority to and the benefit of U.S. ProvisionalPatent Application No. 63/091,430, filed on Oct. 14, 2020, the entirecontents of which is incorporated herein by reference.

BACKGROUND

Many services are provided to people in remote locations of the world,such as areas without strong internet infrastructure. For example,different humanitarian organizations may establish programs that provideservices such as healthcare services, food aid, and financial services(for example, providing vouchers for taking public transit to getimmunizations at a clinic) to people in these remote locations. Softwareapplications installed on computing devices are used to aid inimplementing programs to provide these services. For example, softwareapplications may be used for scheduling immunizations, managinghealthcare data and food vouchers, a combination of the foregoing, orthe like. A software application implementing a program may requireusers to register with the program in order to access the servicesprovided by the program. Registering a user with a program may includegathering biometric data of the user.

However, keeping user data updated across a plurality of computingdevices being used to provide a plurality of services to users isdifficult due to lack of internet infrastructure and the need for thesecomputing devices to be durable and cost-efficient. Due to the lack ofinternet infrastructure, these computing devices connect to the internetinfrequently. Because of the large amounts of data that must betransferred to each computing device (e.g., biometric data for hundreds,thousands, or millions of users of different services available on thedevice), the limited bandwidth and processing power available presentsignificant challenges to keeping user data up to date across computingdevices. This is the case even though, in an effort to utilize lessbandwidth, biometric data is often hashed to form biometric tokens.

SUMMARY

Therefore, embodiments herein describe, among other things, a system andmethod for providing biometric data to a user device. The systems andmethods described herein provide a solution for providing individualizedupdate packages for devices in remote areas of the world, such as ruralareas with minimal internet infrastructure. Due to the nature of thecomputing devices (for example, needing to be durable and cost-efficientand, therefore, having minimal processing power and memory, etc.), andthe nature of the environment in which they operate (for example, a lackof network access and bandwidth), implementing a system in whichmillions of biometric tokens constantly need to be downloaded by thesedevices is unreasonable. Instead of downloading an entire database ofbiometric tokens to each device, it is instead desirable to downloadonly a subset of biometric tokens that each individual device will needto properly manage the various charitable programs the device serves.This subset of tokens includes any updates (for example, newly-addedtokens or changes in existing tokens) that affect programs associatedwith the device. For example, if the device is associated with a healthinitiative in a particular country, tokens that are associated with thathealth initiative and have been changed or added to the database sincethe last update of the device may be included in the subset.

By selecting this subset for each device, the time that the device isconnected to the internet can be used to download only the biometrictokens the device needs. Selecting the subset of biometric tokens todownload to the device prevents bandwidth, memory, and download timefrom being wasted on downloading biometric tokens that not been updatedor will never be used by that particular device to provide one or moreservices. Thus, systems and methods described herein reduce the amountof internet bandwidth, processing power, and memory needed to downloadrelevant biometric data to devices deployed in remote locations byoptimizing downloadable packages for each device.

One embodiment describes a system for providing biometric data to a userdevice. The system includes an electronic computing device including anelectronic processor, the electronic processor configured to receive,from a remote device, biometric data for a user and create a biometrictoken for the user based on the biometric data. The electronic processoris further configured to transmit the biometric token to a global tokenrepository, periodically create, for a user device, an update packageincluding a subset of updated biometric tokens from the global tokenrepository that are associated with one or more programs associated withthe user device, by identifying one or more updated biometric tokens inthe global token repository associated with a program GUID of a programof the one or more programs, and transmit the update package to the userdevice when the user device is next in communicative contact with theelectronic computing device.

Another embodiment describes a method providing biometric data to a userdevice. The method includes receiving, at an electronic computingdevice, biometric data for a user from a remote device and creating,with the electronic computing device, a biometric token for the userbased on the biometric data. The method further includes transmitting,with the electronic computing device, the biometric token to a globaltoken repository, periodically creating, for a user device, an updatepackage including a subset of updated biometric tokens from the globaltoken repository that are associated with one or more programsassociated with the user device, by identifying one or more updatedbiometric tokens in the global token repository associated with aprogram GUID of a program of the one or more programs, and transmitting,with the electronic computing device, the update package to the userdevice when the user device is next in communicative contact with theelectronic computing device.

Yet another embodiment describes a non-transitory computer-readablemedium with computer-executable instructions stored thereon, executed byan electronic processor, to perform the method of providing biometricdata to a user device, the method including receiving biometric data fora user from a remote device and creating a biometric token for the userbased on the biometric data. The method also includes transmitting thebiometric token to a global token repository, periodically creating, fora user device, an update package including a subset of updated biometrictokens from the global token repository that are associated with one ormore programs associated with the user device, by identifying one ormore updated biometric tokens in the global token repository associatedwith a program GUID of a program of the one or more programs, andtransmitting the update package to the user device when the user deviceis next in communicative contact with the electronic computing device.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 illustrates a system for providing biometric data to a userdevice according to one embodiment.

FIG. 2 illustrates a user device according to one embodiment.

FIG. 3 illustrates an electronic computing device according to oneembodiment.

FIG. 4 illustrates a method for providing biometric data to a userdevice according to one embodiment.

DETAILED DESCRIPTION OF THE EMBODIMENTS

FIG. 1 is a block diagram of a system 100 for providing biometric datato a user device according to one embodiment. In the example shown, thesystem 100 includes a user device 105 and an electronic computing device110. The electronic computing device 110 and user device 105 arecommunicatively coupled via a communication network 113. Thecommunication network 113 is an electronic communications networkincluding wireless and wired connections. The communication network 113may be implemented using a variety of one or more networks including,but not limited to, a wide area network, for example, the Internet; alocal area network, for example, a Wi-Fi network; or a near-fieldnetwork, for example, a Bluetooth™ network.

It should be understood that the system 100 may include a differentnumber of user devices and that the user device 105 included in FIG. 1is purely for illustrative purposes. It should also be understood thatthe system 100 may include a different number of electronic computingdevices than the number of electronic computing devices illustrated inFIG. 1 and the functionality described herein as being performed by theelectronic computing device 110 may be performed by a plurality ofelectronic computing devices. It should be understood that some of thefunctionality described herein as being performed by the electroniccomputing device 110 may be performed by a user device. It should alsobe understood that some of the functionality described herein as beingperformed by a user device may be performed by the electronic computingdevice 110.

In the embodiment illustrated in FIG. 1, the electronic computing device110 is, for example, a server that is configured to provide biometricdata to the user device 105. In the embodiment illustrated in FIG. 1,the user device 105 is an electronic computing device (for example, asmart telephone, a laptop computer, a desktop computer, a smartwearable, a smart appliance, a smart home assistant, or other type ofelectronic computing device configured to operate as described herein).

The system 100 also includes a global token repository 115. The globaltoken repository 115 is a database accessible by the electroniccomputing device 110 through an application programming interface(“API”) gateway 120 via a second communication network 117. The APIgateway 120 may be a server or server-side logic implemented on theelectronic computing device 110 that allows the electronic computingdevice 110 to communicate with the global token repository 115 andthird-party program owners 125 (for example, the World HealthOrganization). The third-party program owners 125 may communicate, tothe electronic computing device 110, information regarding userregistration information for one or more programs. For example, theWorld Health Organization may send a communication to the electroniccomputing device 110 indicating that all users or beneficiariesregistered with an Ebola immunization program, should also be registeredwith a Covid immunization program.

The global token repository 115 stores biometric data for a plurality ofusers as biometric tokens, or unique identifiers generated by a hashingfunction using biometric data gathered from each user of the pluralityof users. In some embodiments, a biometric token associated with a userincludes one or more biometric hashes associated with the user and eachbiometric hash included in the biometric token is associated with adifferent biometric feature of the user. For example, a first biometrichash included in the biometric token may be associated with the user'sfingerprints (a first biometric feature), a second biometric hashincluded in the biometric token may be associated with the user's face(a second biometric feature), and a second biometric hash included inthe biometric token may be associated with the user's voice (a thirdbiometric feature). The global token repository 115 may also store useridentification information associated with the users and their biometrictokens. The user identification information associated with biometrictokens may include such items as name, address, and other informationfor identifying the users associated with each biometric token. Theglobal token repository 115 may include additional fields for eachunique biometric token. For example, when a user's biometric data isgathered and hashed, the program the user registers with (e.g., aprogram run by the World Health Organization) may be stored as a programidentification number, which may be a Globally Unique Identifier(hereinafter referred to as a “Program GUID”) associated with thebiometric token. A biometric token can be associated with multipleprograms. For example, when a program owner creates a new program, theprogram owner may communicate with the electronic computing device 110to specify which users' biometric tokens in the global token repository115 should be associated with the new program's Program GUID. In someembodiments, the electronic computing device 110 associated biometrictokens of the users specified by the program owner with the newprogram's Program GUID.

The global token repository 115 may be queried by the electroniccomputing device 110 to retrieve subsets of biometric tokens based uponvarious search parameters. For example, the electronic computing device110 may query the global token repository 115 for all biometric tokensrelated to a particular program or Program GUID and receive a list ofresults back from the global token repository 115. These returnedresults may be included in an update package created by the electroniccomputing device 110, as described later in this application.

In some embodiments, the system 100 also includes a chip card 130. Thechip card 130 includes a computer chip that is configured to communicatewith the user device 105 and store data associated with a user (forexample, a biometric token associated with the user, a name of the user,an address of the user, a combination of the foregoing, or the like).The user may carry the chip card 130 and, in the event that the userattempts to access a service provided by a program from a device thatdoes not have up-to-date information or data associated with the userdue to a lack of access to the communication network 113, the user mayuse the chip card 130 to access the service.

FIG. 2 is a block diagram of an example of the user device 105. The userdevice 105 includes a communication interface 205, an electronicprocessor 210, a memory 215, and a camera 220. The user device 105 maybe a smartphone, a tablet, a smart wearable, a laptop computer, adesktop computer, a personal digital assistant, or any other manner ofpersonal user device.

The communication interface 205 allows the user device 105 tocommunicate with external devices through wireless or wired means ofcommunication (for example, the communication network 113) and mayinclude circuitry such as a transceiver, antenna, and othercommunication circuits.

The electronic processor 210 is a processing circuit, such as anapplication-specific integrated circuit (“ASIC”), microprocessor, orother suitable circuit, and is configured to execute instructionsaccessed from the memory 215 and, among other things, perform functionsrelated to the operation of the user device 105. In some embodiments,the functionality of the electronic processor 210 is performed by aplurality of processors. The electronic processor 210 is electronicallyconnected to the communication interface 205, the memory 215, and thecamera 220. In some embodiments, the functionality described herein asbeing performed by the user device 105 may be performed by theelectronic processor 210.

The memory 215 is a non-transitory, computer-readable medium that storesdata and instructions that, when executed by the electronic processor210, perform functions related to the operation of the user device 105.The memory 215 also stores one or more software applications 225 relatedto programs or services that the user device 105 is associated with.

In some embodiments, before the user device 105 is sent to a remotelocation where it will be used (for example, a medical outreach clinicrun by the World Health Organization), the user device 105 is associatedwith one or more programs. In this sense, programs refer to the variousinitiatives, such as the medical outreach program, being offered tothose in need. The user device 105 is associated with these programs byregistering an association between a device identifier of the userdevice 105 and the Program GUID in an area of memory in the electroniccomputing device 110 associated with an update package creation program325 (discussed below in relation to FIG. 3).

As discussed above, programs are owned by an owner (such as athird-party) and provide services, such as vouchers to getimmunizations, to beneficiaries. The services may be provided by aprogram through the use of one or more associated software applications(for example, the software applications 225). In order to access theservices provided by a program, beneficiaries must register for theprogram. Registering for a program includes providing biometric dataassociated with a user to the program so that the identity of theregistered user may be verified in the future. In some embodiments, whena user or beneficiary attempts to register, via the user device 105,with a program to receive a desired service, the user device 105 may askthe beneficiary to confirm that they have not already registered for anyother programs managed by the electronic computing device 110. When theuser or beneficiary indicates that they have not previously registeredfor any programs, the user device 105 prompts the user to provide theirbiometric data.

In some embodiments, the camera 220 is used to capture biometric data ofthe beneficiaries and biometric data is, therefore, gathered completelycontactless. Facial images, palm images, and fingerprint images may begathered by the camera 220 and then transmitted by the user device 105to the electronic computing device 110. In some embodiments, in additionto or instead of the camera 220, the user device 105 may include one ormore devices (for example, a fingerprint sensor, a microphone, or thelike) for collecting biometric data from a user.

FIG. 3 illustrates the electronic computing device 110 according to oneembodiment. The electronic computing device 110 may be, in one example,a server or server cluster. Much like the user device 105, theelectronic computing device 110 includes a communication interface 305,an electronic processor 310, and a memory 315, which are similar to thecommunication interface 205, electronic processor 210, and memory 215 asdescribed with regards to FIG. 2. In some embodiment, the functionalitydescribed herein as being performed by the electronic computing device110 is performed by the electronic processor.

The memory 315 of the electronic computing device 110 stores data andinstructions that, when executed by the electronic processor 310, causethe electronic processor 310 to perform functions related to theoperation of the electronic computing device 110. The memory 315 alsostores a biometric hashing program 320 and an update package creationprogram 325.

In some embodiments, when executing the biometric hashing program 320,the electronic processor 310 receives the biometric data (for example,biometric features of a user such as facial images, fingerprint images,palm images, or the like) captured by the user device 105. Whenexecuting the biometric hashing program 320, the electronic processor310 converts the biometric data into one or more unique biometrichashes. Each of the biometric hashes are added to a biometric tokencreated for the user. A biometric hash may be created using any numberof hashing functions, which convert data into an encrypted, uniqueidentifier (a “hash”). One or more Program GUID(s) are associated withthe biometric token based on what programs the user is registered forand both the token and the associated Program GUID(s) are transmitted tothe global token repository 115. In some embodiments, user information,such as name and address, is also associated with the biometric tokencreated for the user and transmitted to the global token repository 115.

In some embodiments, before sending the biometric token and itsassociated information to the global token repository 115 for storage,the electronic computing device 110 uses the biometric token and theuser information associated with the biometric token to confirm that theuser associated with the biometric token had not already registered witha program managed by the electronic computing device 110. If the userhas already registered with a program managed by the electroniccomputing device 110, the biometric token and its associated informationis not added to the global token repository 115.

In some embodiments, when executing the update package creation program325, the electronic processor 310 creates a unique update package for anindividual device, such as the user device 105. The electronic processor310 stores associations between device identifiers and one or moreProgram GUIDs in, for example, an area of the memory 315 associated withthe update package creation program 325. These associations allow theelectronic processor 310 to identify which devices are associated withwhich programs. In addition to including biometric token data, theupdate packages may also include instructions or configuration files forprogram specific setup, additional data for the program, additional dataor information for unique hashes of the biometric token data, userinformation, a combination of the foregoing, or the like.

Because the global token repository 115 could contain millions of uniquebiometric tokens, the user device 105 cannot handle its own copy of theglobal token repository 115 due to its limitations (e.g., low processingpower, infrequent access to the internet, low memory). The limitationsof the user device 105 are dictated by the environment the user device105 will operate in, (for example, rural areas with limited internetinfrastructure and harsh areas of the world that require the user device105 to be durable and inexpensive).

Thus, the electronic processor 310, when executing the update packagecreation program 325, identifies a user device, such as the user device105, by the device identifier associated with the user device 105 andthen determines which programs the user device 105 is associated withusing Program GUIDs associated with the device identifier.

Then, the electronic processor 310 queries the global token repository115 for all updated biometric tokens associated with the Program GUID(s)that the user device 105 is associated with. In some embodiments, inaddition to including the Program GUID, the query sent by the electronicprocessor 310 further includes parameters such as program location(country, region, sub-region), segment of the program (health,financial, agriculture, etc.), program owner, program age or duration, acombination of the foregoing, or the like. By only querying the globaltoken repository 115 for changes (e.g., added new tokens, updatedexisting tokens, deleted old or unusable tokens) associated with theProgram GUID(s) the user device 105 is associated with, processing powerof the electronic computing device 110 is saved and a smaller,individualized update package is created for the user device 105. Thesmaller update package requires less memory to store both on theelectronic computing device 110 and the user device 105, causing theuser device 105 to require less memory and, thus, be inexpensive. Thequery returns all changes associated with the Program GUID(s) and anyadditional user information, such as name and address, that has beenstored with the biometric tokens. In some embodiments, the query mayreturn a token status, such as added/deleted/modified, a relationshipbetween the token and one or more programs, or the like.

In some embodiments, the electronic processor 310 creates updatepackages periodically (for example, hourly, daily, or based on apredetermined schedule). Because devices such as the user device 105only infrequently connect to the internet for short periods of time,creating an update package for the user device 105 in response to theconnection may take longer than the time the user device 105 is actuallyconnected to the internet. Thus, to save processing resources,bandwidth, and data transmission time, the update packages are createdperiodically and, when the user device 105 next connects to theinternet, the update package for the user device 105 device is sent bythe electronic processor 310 from, for example, a location in the memory315 associated with the update package creation program 325 where theupdate package was stored). In some embodiments, when the user device105 receives the update package, the user device 105 updates, based onthe received update package, the biometric tokens and the userinformation associated with the biometric tokens stored in the memory215 of the user device 105.

FIG. 4 illustrates a method 400 of providing biometric data, such as theupdate package including the changes to biometric tokens, to the userdevice 105. The method 400 includes receiving, at the electroniccomputing device 110, biometric data for a user from a remote device,such as the user device 105 (block 405). As described above, the userdevice 105 captures biometric data of a user using, for example, thecamera 220 and then transmits the biometric data to the electroniccomputing device 110. The method 400 also includes creating, with theelectronic computing device 110, a biometric token for the user based onthe biometric data (block 410). The biometric token includes one or morebiometric hashes. Each biometric hash included in the biometric token isunique to the user and is created by the electronic processor 310 usingthe biometric hashing program 320.

The method 400 further includes transmitting, with the electroniccomputing device 110, the biometric token to the global token repository115 (block 415). As described above, in addition to sending thebiometric token to the global token repository 115, the electroniccomputing device 110 may also send a Program GUID associated with thebiometric token and may also send user identity information, such asname and address, to be stored with the biometric token in the globaltoken repository 115.

The method 400 also includes periodically creating, for the user device105, an update package including a subset of updated biometric tokensfrom the global token repository 115 that are associated with one ormore programs associated with the user device 105, by identifying one ormore updated biometric tokens in the global token repository 115associated with a program GUID of a program of the one or more programs(block 420). As described above, the electronic computing device 110queries the global token repository 115 to identify a subset of updatedtokens associated with a particular Program GUID(s) that is associatedwith the user device 105 that the update package is being created for.The returned data from the query, or the update package, includes asubset of biometric tokens from the global token repository 115 thathave been updated. For example, an updated biometric token may be atleast one selected from the group comprising: a new biometric tokenassociated with the program GUID, a changed biometric token associatedwith the program GUID, a deleted biometric token associated with theprogram GUID), or the like.

The method 400 further includes transmitting, with the electroniccomputing device 110, the update package to the user device 105 when theuser device 105 is next in communicative contact with the electroniccomputing device 110 (block 425). As described above, the user device105 is not always in communicative contact with the electronic computingdevice 110. So, when the user device 105 is next brought intocommunicative contact with the electronic computing device 110 (e.g.,when the user device 105 next connects to the internet), the electroniccomputing device 110 receives contact from the user device 105 and thentransmits the update package with the subset of tokens and changes totokens to the user device 105.

In some embodiments, the update package includes a plurality of packets.Each of the packets includes one or more biometric tokens and, in someembodiments, user information. In some embodiments, the electroniccomputing device 110 transmits the update package to the user device 105one packet at a time. When the electronic computing device 110 receivesan acknowledgement or confirmation from the user device 105 confirmingthat the user device 105 has received the packet, the electroniccomputing device 110 removes the packet from the update package.

If the user device 105 loses communicative contact with the electroniccomputing device 110 before the entire update package is received by theuser device 105, the packets remaining in the update package whencommunicative contact with the user device 105 is lost will be includedin the next update package that the electronic computing device 110creates for the user device 105.

The user device 105 includes one or more software applications thatreceive the update package, extract the biometric token data and anyadditional data associated with the biometric token data from the updatepackage, and then process the biometric data. Once the data isprocessed, other software applications (for example, the softwareapplications 225) on the user device 105 may then use the biometrictoken data to perform functions related to each program associated withthe user device 105. For example, once the biometric token data isextracted and processed, an electronic medical record softwareapplication may use the now-updated biometric token data to help clinicsmaintain individual health records for authenticated individuals.

It should be understood that one or more embodiments are described andillustrated herein in the description and accompanying drawings. Theseembodiments are not limited to the specific details provided herein andmay be modified in various ways. Furthermore, other embodiments mayexist that are not described herein. Also, the functionality describedherein as being performed by one component may be performed by multiplecomponents in a distributed manner. Likewise, functionality performed bymultiple components may be consolidated and performed by a singlecomponent. Similarly, a component described as performing particularfunctionality may also perform additional functionality not describedherein. For example, a device or structure that is “configured” in acertain way is configured in at least that way, but may also beconfigured in ways that are not listed. Furthermore, some embodimentsdescribed herein may include one or more electronic processorsconfigured to perform the described functionality by executinginstructions stored in non-transitory, computer-readable medium.Similarly, embodiments described herein may be implemented asnon-transitory, computer-readable medium storing instructions executableby one or more electronic processors to perform the describedfunctionality. As used herein, “non-transitory computer-readable medium”comprises all computer-readable media but does not consist of atransitory, propagating signal. Accordingly, non-transitorycomputer-readable medium may include, for example, a hard disk, aCD-ROM, an optical storage device, a magnetic storage device, a ROM(Read Only Memory), a RAM (Random Access Memory), register memory, aprocessor cache, or any combination thereof.

In addition, the phraseology and terminology used herein is for thepurpose of description and should not be regarded as limiting. Forexample, the use of “including,” “containing,” “comprising,” “having,”and variations thereof herein is meant to encompass the items listedthereafter and equivalents thereof as well as additional items. Theterms “connected” and “coupled” are used broadly and encompass bothdirect and indirect connecting and coupling. Further, “connected” and“coupled” are not restricted to physical or mechanical connections orcouplings and can include electrical connections or couplings, whetherdirect or indirect. In addition, electronic communications andnotifications may be performed using wired connections, wirelessconnections, or a combination thereof and may be transmitted directly orthrough one or more intermediary devices over various types of networks,communication channels, and connections. Moreover, relational terms suchas first and second, top and bottom, and the like may be used hereinsolely to distinguish one entity or action from another entity or actionwithout necessarily requiring or implying any actual such relationshipor order between such entities or actions.

It should thus be noted that the matter contained in the abovedescription or shown in the accompanying drawings should be interpretedas illustrative and not in a limiting sense. The following claims areintended to cover all generic and specific features described herein, aswell as all statements of the scope of the present method and system,which, as a matter of language, might be said to fall therebetween.

What is claimed is:
 1. A system for providing biometric data to a userdevice, the system comprising: an electronic computing device includingan electronic processor, the electronic processor configured to:receive, from a remote device, biometric data for a user; create abiometric token for the user based on the biometric data; transmit thebiometric token to a global token repository; periodically create, for auser device, an update package including a subset of updated biometrictokens from the global token repository that are associated with one ormore programs associated with the user device, by identifying one ormore updated biometric tokens in the global token repository associatedwith a program GUID of a program of the one or more programs; andtransmit the update package to the user device when the user device isnext in communicative contact with the electronic computing device. 2.The system of claim 1, wherein the update package includes a pluralityof packets and the electronic processor is configured to transmit theupdate package to the user device when the user device is next incommunicative contact with the electronic computing device by for eachpacket of the plurality of packets: transmitting, to the user device,the packet in the plurality of packets receiving, from the user device,confirmation that the user device received the packet; and in responseto receiving the confirmation, removing the packet from the updatepackage.
 3. The system of claim 2, wherein the electronic processor isconfigured to, when the user device loses communicative contact with theelectronic computing device before each packet of the plurality ofpackets is received by the user device, include packets remaining in theupdate package when communicative contact with the user device is lostin a next update package created for the user device.
 4. The system ofclaim 1, wherein the update package further includes user informationassociated with a biometric token included in subset of updatedbiometric tokens.
 5. The system of claim 1, wherein the biometric tokenincludes one or more biometric hashes and each of the one or morebiometric hashes is associated with a biometric feature of the user. 6.The system of claim 1, wherein the one or more programs each include oneor more services to be offered to users.
 7. The system of claim 1,wherein each biometric token included in the subset of updated biometrictokens is at least one selected from the group comprising: a newbiometric token associated with the program GUID, a changed biometrictoken associated with the program GUID, and a deleted biometric tokenassociated with the program GUID.
 8. A method providing biometric datato a user device, the method comprising: receiving, at an electroniccomputing device, biometric data for a user from a remote device;creating, with the electronic computing device, a biometric token forthe user based on the biometric data; transmitting, with the electroniccomputing device, the biometric token to a global token repository;periodically creating, for a user device, an update package including asubset of updated biometric tokens from the global token repository thatare associated with one or more programs associated with the userdevice, by identifying one or more updated biometric tokens in theglobal token repository associated with a program GUID of a program ofthe one or more programs; and transmitting, with the electroniccomputing device, the update package to the user device when the userdevice is next in communicative contact with the electronic computingdevice.
 9. The method of claim 8, wherein the update package is createdby querying the global token repository for updated biometric tokensassociated with the one or more programs.
 10. The method of claim 8,wherein the biometric token includes one or more biometric hashes andeach of the one or more biometric hashes is associated with a biometricfeature of the user.
 11. The method of claim 8, wherein the updatepackage further includes user information associated with a biometrictoken included in subset of updated biometric tokens.
 12. The method ofclaim 8, wherein the user device is associated with the one or moreprograms before being deployed to a remote location.
 13. The method ofclaim 8, wherein the one or more programs each include one or moreservices to be offered to users.
 14. The method of claim 8, wherein eachbiometric token included in the subset of updated biometric tokens is atleast one selected from the group comprising: a new biometric tokenassociated with the program GUID, a changed biometric token associatedwith the program GUID, and a deleted biometric token associated with theprogram GUID.
 15. A non-transitory computer-readable medium withcomputer-executable instructions stored thereon executed by anelectronic processor to perform the method of providing biometric datato a user device, comprising: receiving biometric data for a user from aremote device; creating a biometric token for the user based on thebiometric data; transmitting the biometric token to a global tokenrepository; periodically creating, for a user device, an update packageincluding a subset of updated biometric tokens from the global tokenrepository that are associated with one or more programs associated withthe user device, by identifying one or more updated biometric tokens inthe global token repository associated with a program GUID of a programof the one or more programs; and transmitting the update package to theuser device when the user device is next in communicative contact withthe electronic processor.
 16. The non-transitory computer-readablemedium of claim 15, wherein the update package is created by queryingthe global token repository for updated biometric tokens associated withthe one or more programs.
 17. The non-transitory computer-readablemedium of claim 15, wherein the biometric token includes one or morebiometric hashes and each of the one or more biometric hashes isassociated with a biometric feature of the user.
 18. The non-transitorycomputer-readable medium of claim 15, wherein the update package furtherincludes user information associated with a biometric token included insubset of updated biometric tokens.
 19. The non-transitorycomputer-readable medium of claim 15, wherein each biometric tokenincluded in the subset of updated biometric tokens is at least oneselected from the group comprising: a new biometric token associatedwith the program GUID, a changed biometric token associated with theprogram GUID, and a deleted biometric token associated with the programGUID.
 20. The non-transitory computer-readable medium of claim 15,wherein the one or more programs each include one or more services to beoffered to users.